Paul Hänsch <paul at fsfe.org> writes: > http://plutz.net/chunkchat.cgi Security tip: the chat seems to be vulnerable to CSRF attacks so any website can trick your browser into sending chat messages in your name (or "in your IP address").